static ne_session *session_open(int with_lock) { const char *scheme = NULL; ne_session *session; extern ne_lock_store *lock_store; if (!b_uri) return NULL; scheme = uri.scheme ? uri.scheme : "http"; if (!(session = ne_session_create(scheme, uri.host, uri.port ? uri.port : ne_uri_defaultport(scheme)))) { fprintf(stderr, "Failed to create session\n"); return NULL; } ne_ssl_set_verify(session, ssl_verify_cb, NULL); ne_set_server_auth(session, ne_auth_creds_cb, NULL); ne_redirect_register(session); if (with_lock && lock_store) ne_lockstore_register(lock_store, session); return session; }
std::string Client::connect(const std::string& httpURL) { auto colpos = httpURL.find_first_of("://"); if (colpos < 4 || colpos > 5) return std::string(); ctx = std::make_shared<ClientCtx>(); ctx->scheme.fill(0x00); ::memcpy(ctx->scheme.data(), httpURL.data(), colpos); for(unsigned c = 0; c < 5; ++c) ctx->scheme[c] = std::tolower(ctx->scheme[c]); ctx->host_and_port = ExtractHostPortHttp(httpURL); ctx->port = ctx->isHttps() ? 443 : 80; ne_session* ne = nullptr; auto pos = ctx->host_and_port.find_first_of(':'); if (std::string::npos != pos) {//case format host.com:443 char* end = nullptr; ctx->port = ::strtol(ctx->host_and_port.data() + (1 + pos), &end, 10); std::array<char, 80> hostStr; hostStr.fill(0x00); ::memcpy(hostStr.data(), ctx->host_and_port.data(), pos); ne = ne_session_create(ctx->scheme.data(), hostStr.data(), ctx->port); } else {//case format host.com (no port) ne = ne_session_create(ctx->scheme.data(), ctx->host_and_port.data(), ctx->port); std::array<char,8> temp; temp.fill(0); ::snprintf(temp.data(), temp.size(), ":%u", ctx->port); ctx->host_and_port.append(temp.data()); } ctx->sess = ne; ne_set_useragent(ctx->sess, "libneon"); if (ctx->isHttps()) { ne_ssl_trust_default_ca(ne); ne_ssl_set_verify(ne, &AcceptAllSSL, nullptr); } return ctx->host_and_port; }
static int setup_ssl(void) { char *ccfn = get_option(opt_clicert); ne_ssl_trust_default_ca(session.sess); ne_ssl_set_verify(session.sess, cert_verify, NULL); if (ccfn) { client_cert = ne_ssl_clicert_read(ccfn); if (client_cert) { ne_ssl_provide_clicert(session.sess, provide_clicert, ccfn); } else { printf("Could not load client certificate from `%s'.\n", ccfn); } } return 0; }
static int init_session(ne_session *sess) { if (proxy_hostname) { ne_session_proxy(sess, proxy_hostname, proxy_port); } ne_set_useragent(i_session, "davtest/" PACKAGE_VERSION); if (i_username) { ne_set_server_auth(sess, auth, NULL); } if (use_secure) { if (!ne_supports_ssl()) { t_context("No SSL support, reconfigure using --with-ssl"); return FAILHARD; } else { ne_ssl_set_verify(sess, ignore_verify, NULL); } } return OK; }
int dav_startsessx(char *server, char *comment, int enable_ssl) { FILE *p12 = NULL; const char *p12cert = "/tmp/usercert.p12"; const char *userkey, *usercert, *userproxy; char buffer[128]; /* Function to be executed once per thread, used to create the connection structure and set the server name */ if(mutex == 0) { /* If no host specified, use the DPNS default one */ if (!server) server = getenv("DPNS_HOST"); /* Finish the function if the host is still NULL*/ if (!server) { dav_error = SENOSHOST; return -1; } /* Trigger an error if the comment is too long */ if(comment && (strlen(comment) > CA_MAXCOMMENTLEN)) { dav_error = EINVAL; return -1; } pthread_once(&init_once, thread_init_once); connection = (struct dav_connection *)calloc(sizeof(struct dav_connection), 1); strcpy(connection->server, server); mutex = 1; } /* exit function if a session already exists */ if(connection->session) return 0; /* Retrieve userkey and usercert from environement variable */ userkey = getenv("X509_USER_KEY"); usercert = getenv("X509_USER_CERT"); userproxy = getenv("X509_USER_PROXY"); /* Use a proxy */ if (enable_ssl) { if (userproxy) { userkey = usercert = userproxy; } /* Try default proxy location */ else if (!userkey && !usercert) { struct stat stat_buf; snprintf(buffer, sizeof(buffer), "/tmp/x509up_u%d", getuid()); /* No luck, try with host cert and key */ if (stat(buffer, &stat_buf) != 0) { usercert = "/etc/grid-security/hostcert.pem"; userkey = "/etc/grid-security/hostkey.pem"; } } debug_msg("User certificate: %s", usercert); debug_msg("User key: %s", userkey); /* Try to open the certificate, create one if file does not exist yet */ if ((p12 = fopen(p12cert, "r")) == NULL){ if(convert_x509_to_p12(userkey, usercert, p12cert) == -1){ fprintf(stderr, "An error occur in the certificate conversion\n"); return -1; } }else { fclose(p12); } /* Try to open a session, return -1 and set the correct errno if it failed */ if ((connection->session = ne_session_create("https", server, 443)) == NULL) { dav_error = ENSNACT; return -1; } } else { if ((connection->session = ne_session_create("http", server, 80)) == NULL) { dav_error = ENSNACT; return -1; } } /* manual checking for ssl credentials */ ne_ssl_set_verify(connection->session, no_ssl_verification, NULL); /* Read the pkcs12 certificate */ if (enable_ssl) { ne_ssl_client_cert *cert = ne_ssl_clicert_read(p12cert); if (cert == NULL) { ne_session_destroy(connection->session); dav_error = SECOMERR; return -1; } ne_ssl_set_clicert(connection->session, cert); ne_ssl_clicert_free(cert); } return 0; }
static int open_handle (struct neon_handle * handle, uint64_t startbyte) { int ret; char * proxy_host = NULL; int proxy_port = 0; bool_t use_proxy = aud_get_bool (NULL, "use_proxy"); bool_t use_proxy_auth = aud_get_bool (NULL, "use_proxy_auth"); if (use_proxy) { proxy_host = aud_get_str (NULL, "proxy_host"); proxy_port = aud_get_int (NULL, "proxy_port"); } handle->redircount = 0; _DEBUG ("<%p> Parsing URL", handle); if (ne_uri_parse (handle->url, handle->purl) != 0) { _ERROR ("<%p> Could not parse URL '%s'", (void *) handle, handle->url); return -1; } while (handle->redircount < 10) { if (! handle->purl->port) handle->purl->port = ne_uri_defaultport (handle->purl->scheme); _DEBUG ("<%p> Creating session to %s://%s:%d", handle, handle->purl->scheme, handle->purl->host, handle->purl->port); handle->session = ne_session_create (handle->purl->scheme, handle->purl->host, handle->purl->port); ne_redirect_register (handle->session); ne_add_server_auth (handle->session, NE_AUTH_BASIC, server_auth_callback, (void *) handle); ne_set_session_flag (handle->session, NE_SESSFLAG_ICYPROTO, 1); ne_set_session_flag (handle->session, NE_SESSFLAG_PERSIST, 0); #ifdef HAVE_NE_SET_CONNECT_TIMEOUT ne_set_connect_timeout (handle->session, 10); #endif ne_set_read_timeout (handle->session, 10); ne_set_useragent (handle->session, "Audacious/" PACKAGE_VERSION); if (use_proxy) { _DEBUG ("<%p> Using proxy: %s:%d", handle, proxy_host, proxy_port); ne_session_proxy (handle->session, proxy_host, proxy_port); if (use_proxy_auth) { _DEBUG ("<%p> Using proxy authentication", handle); ne_add_proxy_auth (handle->session, NE_AUTH_BASIC, neon_proxy_auth_cb, (void *) handle); } } if (! strcmp ("https", handle->purl->scheme)) { ne_ssl_trust_default_ca (handle->session); ne_ssl_set_verify (handle->session, neon_vfs_verify_environment_ssl_certs, handle->session); } _DEBUG ("<%p> Creating request", handle); ret = open_request (handle, startbyte); if (! ret) { str_unref (proxy_host); return 0; } if (ret == -1) { ne_session_destroy (handle->session); handle->session = NULL; str_unref (proxy_host); return -1; } _DEBUG ("<%p> Following redirect...", handle); ne_session_destroy (handle->session); handle->session = NULL; } /* If we get here, our redirect count exceeded */ _ERROR ("<%p> Redirect count exceeded for URL %s", (void *) handle, handle->url); str_unref (proxy_host); return 1; }
/* * Connect to a DAV server * This function sets the flag _connected if the connection is established * and returns if the flag is set, so calling it frequently is save. */ static int dav_connect(const char *base_url) { int timeout = 30; int useSSL = 0; int rc; char protocol[6]; char uaBuf[256]; char *path = NULL; char *scheme = NULL; char *host = NULL; unsigned int port = 0; if (_connected) { return 0; } rc = c_parse_uri( base_url, &scheme, &dav_session.user, &dav_session.pwd, &host, &port, &path ); if( rc < 0 ) { DEBUG_WEBDAV("Failed to parse uri %s", base_url ); goto out; } DEBUG_WEBDAV("* scheme %s", scheme ? scheme : "empty"); DEBUG_WEBDAV("* host %s", host ? host : "empty"); DEBUG_WEBDAV("* port %u", port ); DEBUG_WEBDAV("* path %s", path ? path : "empty"); if( strcmp( scheme, "owncloud" ) == 0 ) { strncpy( protocol, "http", 6); } else if( strcmp( scheme, "ownclouds" ) == 0 ) { strncpy( protocol, "https", 6 ); useSSL = 1; } else { strncpy( protocol, "", 6 ); DEBUG_WEBDAV("Invalid scheme %s, go outa here!", scheme ); rc = -1; goto out; } DEBUG_WEBDAV("* user %s", dav_session.user ? dav_session.user : ""); if (port == 0) { port = ne_uri_defaultport(protocol); } rc = ne_sock_init(); DEBUG_WEBDAV("ne_sock_init: %d", rc ); if (rc < 0) { rc = -1; goto out; } dav_session.ctx = ne_session_create( protocol, host, port); if (dav_session.ctx == NULL) { DEBUG_WEBDAV("Session create with protocol %s failed", protocol ); rc = -1; goto out; } ne_set_read_timeout(dav_session.ctx, timeout); snprintf( uaBuf, sizeof(uaBuf), "csyncoC/%s",CSYNC_STRINGIFY( LIBCSYNC_VERSION )); ne_set_useragent( dav_session.ctx, c_strdup( uaBuf )); ne_set_server_auth(dav_session.ctx, ne_auth, 0 ); if( useSSL ) { if (!ne_has_support(NE_FEATURE_SSL)) { DEBUG_WEBDAV("Error: SSL is not enabled."); rc = -1; goto out; } ne_ssl_trust_default_ca( dav_session.ctx ); ne_ssl_set_verify( dav_session.ctx, verify_sslcert, 0 ); } _connected = 1; rc = 0; out: SAFE_FREE(path); SAFE_FREE(host); SAFE_FREE(scheme); return rc; }
/* Try to send the HTTP request to the Icecast server, and if possible deals with * all the probable redirections (HTTP status code == 3xx) */ static gint gst_neonhttp_src_send_request_and_redirect (GstNeonhttpSrc * src, ne_session ** ses, ne_request ** req, gint64 offset, gboolean do_redir) { ne_session *session = NULL; ne_request *request = NULL; gchar **c; gint res; gint http_status = 0; guint request_count = 0; do { if (src->proxy.host && src->proxy.port) { session = ne_session_create (src->uri.scheme, src->uri.host, src->uri.port); ne_session_proxy (session, src->proxy.host, src->proxy.port); } else if (src->proxy.host || src->proxy.port) { /* both proxy host and port must be specified or none */ return HTTP_REQUEST_WRONG_PROXY; } else { session = ne_session_create (src->uri.scheme, src->uri.host, src->uri.port); } if (src->connect_timeout > 0) { ne_set_connect_timeout (session, src->connect_timeout); } if (src->read_timeout > 0) { ne_set_read_timeout (session, src->read_timeout); } ne_set_session_flag (session, NE_SESSFLAG_ICYPROTO, 1); ne_ssl_set_verify (session, ssl_verify_callback, src); request = ne_request_create (session, "GET", src->query_string); if (src->user_agent) { ne_add_request_header (request, "User-Agent", src->user_agent); } for (c = src->cookies; c != NULL && *c != NULL; ++c) { GST_INFO ("Adding header Cookie : %s", *c); ne_add_request_header (request, "Cookies", *c); } if (src->iradio_mode) ne_add_request_header (request, "icy-metadata", "1"); if (offset > 0) { ne_print_request_header (request, "Range", "bytes=%" G_GINT64_FORMAT "-", offset); } res = ne_begin_request (request); if (res == NE_OK) { /* When the HTTP status code is 3xx, it is not the SHOUTcast streaming content yet; * Reload the HTTP request with a new URI value */ http_status = ne_get_status (request)->code; if (STATUS_IS_REDIRECTION (http_status) && do_redir) { const gchar *redir; /* the new URI value to go when redirecting can be found on the 'Location' HTTP header */ redir = ne_get_response_header (request, "Location"); if (redir != NULL) { ne_uri_free (&src->uri); gst_neonhttp_src_set_location (src, redir, NULL); GST_LOG_OBJECT (src, "Got HTTP Status Code %d", http_status); GST_LOG_OBJECT (src, "Using 'Location' header [%s]", src->uri.host); } } } if ((res != NE_OK) || (offset == 0 && http_status != 200) || (offset > 0 && http_status != 206 && !STATUS_IS_REDIRECTION (http_status))) { ne_request_destroy (request); request = NULL; ne_close_connection (session); ne_session_destroy (session); session = NULL; if (offset > 0 && http_status != 206 && !STATUS_IS_REDIRECTION (http_status)) { src->seekable = FALSE; } } /* if - NE_OK */ if (STATUS_IS_REDIRECTION (http_status) && do_redir) { ++request_count; GST_LOG_OBJECT (src, "redirect request_count is now %d", request_count); if (request_count < MAX_HTTP_REDIRECTS_NUMBER && do_redir) { GST_INFO_OBJECT (src, "Redirecting to %s", src->uri.host); } else { GST_WARNING_OBJECT (src, "Will not redirect, try again with a " "different URI or redirect location %s", src->uri.host); } /* FIXME: when not redirecting automatically, shouldn't we post a * redirect element message on the bus? */ } /* do the redirect, go back to send another HTTP request now using the 'Location' */ } while (do_redir && (request_count < MAX_HTTP_REDIRECTS_NUMBER) && STATUS_IS_REDIRECTION (http_status)); if (session) { *ses = session; *req = request; } return res; }
/* * Connect to a DAV server * This function sets the flag _connected if the connection is established * and returns if the flag is set, so calling it frequently is save. */ static int dav_connect(const char *base_url) { int useSSL = 0; int rc; char protocol[6] = {'\0'}; char uaBuf[256]; char *path = NULL; char *scheme = NULL; char *host = NULL; unsigned int port = 0; int proxystate = -1; if (_connected) { return 0; } rc = c_parse_uri( base_url, &scheme, &dav_session.user, &dav_session.pwd, &host, &port, &path ); if( rc < 0 ) { DEBUG_WEBDAV("Failed to parse uri %s", base_url ); goto out; } DEBUG_WEBDAV("* scheme %s", scheme ); DEBUG_WEBDAV("* host %s", host ); DEBUG_WEBDAV("* port %u", port ); DEBUG_WEBDAV("* path %s", path ); if( strcmp( scheme, "owncloud" ) == 0 ) { strcpy( protocol, "http"); } else if( strcmp( scheme, "ownclouds" ) == 0 ) { strcpy( protocol, "https"); useSSL = 1; } else { DEBUG_WEBDAV("Invalid scheme %s, go outa here!", scheme ); rc = -1; goto out; } DEBUG_WEBDAV("* user %s", dav_session.user ? dav_session.user : ""); if (port == 0) { port = ne_uri_defaultport(protocol); } #if 0 rc = ne_sock_init(); DEBUG_WEBDAV("ne_sock_init: %d", rc ); if (rc < 0) { rc = -1; goto out; } #endif dav_session.ctx = ne_session_create( protocol, host, port); if (dav_session.ctx == NULL) { DEBUG_WEBDAV("Session create with protocol %s failed", protocol ); rc = -1; goto out; } if (dav_session.read_timeout == 0) dav_session.read_timeout = 300; // set 300 seconds as default. ne_set_read_timeout(dav_session.ctx, dav_session.read_timeout); snprintf( uaBuf, sizeof(uaBuf), "Mozilla/5.0 (%s) csyncoC/%s", get_platform(), CSYNC_STRINGIFY( LIBCSYNC_VERSION )); ne_set_useragent( dav_session.ctx, uaBuf); ne_set_server_auth(dav_session.ctx, ne_auth, 0 ); if( useSSL ) { if (!ne_has_support(NE_FEATURE_SSL)) { DEBUG_WEBDAV("Error: SSL is not enabled."); rc = -1; goto out; } ne_ssl_trust_default_ca( dav_session.ctx ); ne_ssl_set_verify( dav_session.ctx, verify_sslcert, 0 ); } /* Hook called when a request is created. It sets the proxy connection header. */ ne_hook_create_request( dav_session.ctx, request_created_hook, NULL ); /* Hook called after response headers are read. It gets the Session ID. */ ne_hook_post_headers( dav_session.ctx, post_request_hook, NULL ); /* Hook called before a request is sent. It sets the cookies. */ ne_hook_pre_send( dav_session.ctx, pre_send_hook, NULL ); /* Hook called after request is dispatched. Used for handling possible redirections. */ ne_hook_post_send( dav_session.ctx, post_send_hook, NULL ); /* Proxy support */ proxystate = configureProxy( dav_session.ctx ); if( proxystate < 0 ) { DEBUG_WEBDAV("Error: Proxy-Configuration failed."); } else if( proxystate > 0 ) { ne_set_proxy_auth( dav_session.ctx, ne_proxy_auth, 0 ); } _connected = 1; rc = 0; out: SAFE_FREE(path); SAFE_FREE(host); SAFE_FREE(scheme); return rc; }